<?php
class BackendSQL {
	function __construct($host, $db, $usr, $pswd) {
		$dsn = 'mysql:dbname=$db;host=$host';

		try {
		    $this->db = new PDO("mysql:host=127.0.0.1;dbname=pic2;charset=utf8",'root','');
		} catch (PDOException $e) {
		    echo 'Problem'; 
		}
	}
	
	function getImageById ($id) {
		$q = $this->db->prepare('
		select * from images 
		where imgid= :id'
		);
		$q->execute(array(':id' => $id));
		return $q->fetch();
	}
	
	function getGalleryById ($id) {
		$q = $this->db->prepare('
		select * from galleries 
		where glrid= :id'
		);
		$q->execute(array(':id' => $id));
		return $q->fetch();
	}
	
	function getTagById ($id) {
		$q = $this->db->prepare('
		select * from tags 
		where tagid= :id'
		);
		$q->execute(array(':id' => $id));
		return $q->fetch();
	}
	
	function getUserById ($id) {
		$q = $this->db->prepare('
		select * from users 
		where usrid= :id'
		);
		$q->execute(array(':id' => $id));
		return $q->fetch();
	}
	
	function getUserIdByName ($name) {
		$q = $this->db->prepare('
		select * from users 
		where username= :name'
		);
		$q->execute(array(':name' => $name));
		return $q->fetch()["USRID"];
	}
	
	function authoriseSession ($token, $auth) {
		$q = $this->db->prepare('
		select * from sessions 
		where token= :id and authkey= :auth'
		);
		$q->execute(array(':token' => $token, ':auth' => $auth));
		return $q->fetch()["OWNER"];
	}
	
	function passwdCompare ($id, $passwd) {
		$dbPass = $this->getUserById($this->getUserIdByName($id))["PASSWD"];
		$hashopts = [
			'cost' => 11,
		];

		$hash = password_hash($passwd, PASSWORD_BCRYPT, $hashopts);
		if (password_verify($passwd, $dbPass)) {
			return true;
		} else {
			return false;
		}
	}
	
	function AddImage ($name, $desc, $file, $owner, $tags) {
		if (strpos($tags, ',')) {
			$tagArray = array_map('trim',explode(',', $tags));
		} else {
			$tagArray = array($tags);
		}
		$date = date("Y-m-d H:i:s");
		// Do some magic with the tags...
		
		$q = $this->db->prepare('
		INSERT INTO IMAGES (
		    IMAGE_NAME,
		    OWNER,
		    DESCRIPTION,
		    FILE_PATH,
		    UPLOAD_DATE,
		    TAGS
		)
		VALUES
		(:name, :owner, :desc, :file, :date, :tags)
		');
		$q->execute(array(
			':name' => $name,
			':owner' => $owner,
			':desc' => $desc,
			':file' => $file,
			':tags' => $tagArray,
			':date' => $date
		));
	}
	
	function addUser ($name, $passwd) {
		$date = date("Y-m-d H:i:s");
		$hashopts = [
			'cost' => 11,
		];

		$hash = password_hash($passwd, PASSWORD_BCRYPT, $hashopts);
		$q = $this->db->prepare('
		INSERT INTO USERS (
		    USERNAME,
		    PASSWD,
		    JOIN_DATE
		)
		VALUES
		(:name, :pass, :date)
		');
		$q->execute(array(
			':name' => $name,
			':pass' => $hash,
			':date' => $date
		));
	}
	
	function addSession ($user, $token, $authkey) {
		$id = $this->getUserIdByName($user);
		$q = $this->db->prepare('
		INSERT INTO SESSIONS (
		    TOKEN,
		    AUTHKEY,
		    OWNER
		)
		VALUES
		(:token, :authkey, :id)
		');
		$q->execute(array(
			':token' => $token,
			':authkey' => $authkey,
			':id' => $id
		));
	
	}
}

?>